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DETAILED ACTION 

1 . The application having Application No. 10,010,748 has a total of 31 
claims pending in the application; there are 5 independent claims and 
26 dependent claims, all of which are ready for examination by the 
examiner. Claims 1-31 have been examined. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 

U.S.C. 102 that form the basis for the rejections under this section 

made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country 
or in public use or on sale in this country, more than one year prior to the date of application for 
patent in the United States. 

3. Claims 1-37 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Netscape Directory Server Administrator's Guide, 
Version 3.0, (herein referred to as Reference A). 

4. As per claim 1 , Reference A depict a method comprising: 
designating a location in a directory server (pg. 88, para. 2 lines 

1-3); 

providing attribute-related data comprising a filter expression (pg. 
88, para. 3-7); and 

selectively controlling access to an entry situated at the designated 
location using the filter expression in said attribute-related data (pg. 
125, para. 6, line 1; pg. 90, para. 1, line 1-3). 

5. As per claim 2, Reference A depict the method of claim 1 , wherein: 
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the filter expression is selectively associated with a class of 
operations (pg. 93). 

6. As per claim 3, Reference A depict the method of claim 2, wherein: 
the filter expression is associated with a class of operations 

selected from a predefined group comprising "add" and "delete" 
classes of operations (pg. 93, para. 4-5). 

7. As per claim 4, the method of claim 3, wherein: 

the predefined group further comprises the "search" class of 
operations (pg. 93, para. 6). 

8. As per claim 5, the method of claim 1 , wherein: 

the filter expression is selectively associated with an attribute (pg. 
125, para. 6, line 1; pg. 90, para. 1, lines 1-3). 

9. As per claim 6, the method of claim 1 , wherein: 

said selectively controlling comprises denying access to the entry if 
the filter expression refers to more than one attribute type (pg. 88, 
para. 7). 

1 0. As per claim 7, the method of claim 1 , wherein: 

said selectively controlling is repeated for each attribute value of an 
attribute type being referred to in the filter expression (pg. 90, para. 4). 

11. As per claim 8, the method of claim 1 , wherein: 

said providing comprises providing data adapted to designate 
attribute values in the form of a plurality of filter expressions, defined in 
accordance with a predefined syntax (pg. 88, para. 7). 
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12. As per claim 9, the method of claim 8, wherein: 

the plurality of filter expressions are interconnectable by an AND 
condition (pg. 196, table 8.2). 

13. As per claim 10, a directory server request processor comprising: 

a filter execution processor configured to generate a result of a filter 
expression (pg. 88, para. 3-7); and 

an access control instruction processor comprising an interpreter, 
wherein the interpreter calls the filter execution processor in response 
to a filter indicating keyword in an access control instruction and 
controls access through the directory server request in accordance 
with the result of the filter execution processor (pg. 90, para. 4). 

14. As per claim 1 1 , the access control instruction processor of claim 
10, wherein: 

the interpreter is capable of repetitive operation for processing a 
plurality of interconnected filter expressions (pg. 196, table 8.2). 

15. As per claim 12, the access control instruction processor of claim 
10, wherein: 

the interpreter further comprises a filter interpreter for determining 
whether a filter expression refers to more than one attribute type (pg. 
88, para. 3-7). 

16. As per claim 13, the access control instruction processor of claim 
10, wherein: 

the interpreter is capable of at least partially repetitive operation for 
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processing each attribute value of an attribute type being referred to in 
the filter expression (pg. 88, para. 3-7). 

17. As per claim 14, a computer readable medium comprising program 
instructions computer executable to: 

receive a request to access an attribute of a directory server entry 
(pg. 88, para. 2, lines 1-3). 

deny access if a criterion defined by a filter expression associated 
with the attribute is not met by a first value of the attribute (pg. 91, 
para. 4; pg. 92, para. 1). 

18. As per claim 15, the computer readable medium of claim 14, 
wherein: 

the program instructions are computer executable to authorize 
access if the criterion defined by the filter expression associated with 
the attribute is met by each value of the attribute (pg. 90, para. 4; pg. 
92, para. 1; pg. 98, para. 1). 

19. As per claim 16, the computer readable medium of claim 14, 
wherein: 

the request to access comprises a request to delete the first value 
of the attribute and wherein the filter expression is associated with 
operations that delete values of the attribute (pg. 98, para. 1). 

20. As per claim 17, the computer readable medium of claim 16, 
wherein: 

the criterion defined by the filter expression specifies that the 
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attribute cannot be deleted if a value of the attribute is the first value 
(pg. 98, para. 1). 

21. As per claim 18, the computer readable medium of claim 14, 
wherein: 

the request to access comprises a request to add the first value of 
the attribute and wherein the filter expression is associated with 
operations that add values of the attribute (pg. 98, para. 1; pg. 90, 
para. 1, 4). 

22. As per claim 1 9, the computer readable medium of claim 1 8, 
wherein: 

the criterion defined by the filter expression specifies that the 
attribute cannot be added if a value of the attribute is the first value 
(pg. 98, para. 1; pg. 90, para. 1,4). 

23. As per claim 20, the computer readable medium of claim 1 , 
wherein: 

the program instructions are computer executable to evaluate the 
filter expression for each instance of the attribute and deny access if 
any instance of the attribute fails to satisfy the criterion defined by the 
filter expression (pg. 91, para. 4; pg. 92, para. 1). 

24. As per claim 21 , the method comprising: 

receiving a request to access an attribute of a directory server 
entry, 
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denying access if a criterion defined by a filter expression 
associated with the attribute is not met by a first value of the attribute 
(pg. 90, para. 1, line 1-3; pg. 125, para. 6, line 1). 

25. As per claim 22, the method of claim 21 , further comprising: 
authorizing access if the criterion defined by the filter expression 

associated with the attribute is met by each value of the attribute (pg. 
90, para. 4; pg. 92, para. 1; pg. 98, para. 1). 

26. As per claim 23 , the method of claim 21 , wherein: 

the request to access comprises a request to delete the first value 
of the attribute and wherein the filter expression is associated with 
operations that delete values of the attribute (pg. 98, para. 1). 

27. As per claim 24, the method of claim 23, wherein: 

the criterion defined by the filter expression specifies that the 
attribute cannot be deleted if a value of the attribute to be deleted is 
the first value (pg. 98, para. 1). 

28. As per claim 25, the method of claim 21 , wherein: 

the request to access comprises a request to add the first value of 
the attribute and wherein the filter expression is associated with 25 
operations that add values of the attribute (pg. 98, para. 1; pg. 90, 
para. 1 , 4). 

29. As per claim 26, the method of claim 25, wherein: 

the criterion defined by the filter expression specifies that the 
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attribute cannot be added if a value of the attribute to be added is the 
first value (pg. 98, para. 1; pg. 90, para. 1, 4). 

30. As per claim 27, the method of claim 21 , further comprising: 
evaluating the filter expression for each instance of the attribute and 

denying access if any instance of the attribute fails to satisfy the 
criterion defined by the filter expression (pg. 91, para. 4; pg. 92, para. 

1). 

31 . As per claim 28, a directory server comprising: 

32. an access control processor for processing an access control 
instruction controlling access to a first attribute of a first entry wherein 
the access control instruction specifies a filter expression (pg. 88, para. 
1; pg. 90, para. 1,4); and 

a filter processor for generating a result of a filter expression for a 
first value of the first attribute (pg. 88, para. 1 ; pg. 90, para. 1 , 4); 

wherein the access control processor provides the filter processor 
with the filter expression and the first value and controls access to the 
first attribute of the first entry based on the result of the filter 
expression (pg. 88, para. 1; pg. 90, para. 1,4); 

wherein the other expression defines a criterion for values of the 
first attribute (pg. 88, para. 1; pg. 90, para. 1,4). 

33. As per claim 29, the directory server of claim 28, wherein: 

the result of the filter expression is false if the first value of the first 
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attribute fails to meet the criterion defined in the filter expression (pg. 
92, para. 1). 

34. As per claim 30, the directory server of claim 28, wherein: 

the access control processor provides the filter processor with the 
filter expression and the first value if a requested access to the first 
attribute involves a class of operations associated with the filter 
expression (pg. 93, para. 1-8). 

35. As per claim 31 , the directory server of claim 28, wherein: 

the result of the filter expression is false if any value of the first 
attribute fails to meet the criterion defined in the filter expression (pg. 
92, para. 1). 

Conclusion 

36. Any inquiry concerning this communication or earlier 
communications should be directed to Nima Khomassi whose 
telephone number is (571) 272-3775. The examiner can normally be 
reached Monday-Friday from 8:30 AM to 5:00 PM. 

37. If attempts to reach the examiner by telephone are unsuccessful, 
the examiner's supervisor, Gilberto Barron Jr., can be reached at (571) 
272-3799. 

38. The fax number for Formal or Official faxes to Technology Center 
2100 is 571-273-8300. On July 15, 2005, the Central Facsimile (FAX) 
Number changed from 703-872-9306 to 571-273-8300. Faxes sent to 
the old number will be routed to the new number until September 15, 



Application/Control Number: 10/010,748 



Page 



Art Unit: 2132 

2005. After September 15, 2005, the old number will no longer be in 
service and 571-273-8300 will be the only facsimile number recognized 
for centralized delivery. 
39. Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. 
Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more 
information about the PAIR system, see http://pair-direct.uspto.gov. 
Should you have any questions on access to the Private PAIR system, 
contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). 
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September 7, 2005 
Art Unit #2132 




GILBERT0 BARRON J/ 1 - 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



